Phishing sites use misleading letters in domain names to steal XRP

Xrplorer’s forensic experts warned on June 15 of an elaborate phishing scam in which hackers try to steal the secret keys of XRP users, under the false premise that Ripple is giving away tokens.

According to the report, the scam campaign, which dates back to approximately January 17, 2020, began by sending out payments of minimal amounts of XRP with memos that said:

"Starting February 1, 2020, Ripple will release 3 billion XRPs to incentivize network users. Get 25% more XRP added to your account balance in just a few minutes".

As part of the memo, the scammers included a website pretending to be Ripple's Insights blog, which promoted the supposed "great gift" from the company.

The use of "homoglyph" domains
The main feature of the scam is that the fake Ripple websites look legitimate, not only because they are exact replicas of the templates used to build the real site, but also because the scammers use "homoglyph" domains.

A homoglyph is a character that closely resembles another and can be substituted for it, which makes the swap difficult to detect quickly. That's why, instead of the original domain "", scammers acquired the domain "" and use it on fake sites to appear legitimate at first glance.
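A defensive check for the look-alike domains described above, as an added example that is not taken from Xrplorer's report: it decodes punycode labels, folds confusable characters to ASCII and compares the result against a list of protected domains. The domain `example.com`, the function names and the small character table are assumptions made for illustration.

```python
import unicodedata

# Illustrative subset of look-alike characters, not the full Unicode UTS #39 table.
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0445": "x", "\u0443": "y", "\u0456": "i", "\u0455": "s",   # Cyrillic
    "\u03bf": "o", "\u03bd": "v",                                 # Greek
    "\u0131": "i",                                                # Latin dotless i
}

def to_unicode(domain):
    """Lower-case a domain and decode any punycode (xn--) labels."""
    labels = []
    for label in domain.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            label = label[4:].encode("ascii").decode("punycode")
        labels.append(label)
    return ".".join(labels)

def skeleton(domain):
    """Reduce a domain to the ASCII string a reader is likely to perceive."""
    out = []
    for ch in unicodedata.normalize("NFKD", to_unicode(domain)):
        if unicodedata.combining(ch):
            continue  # drop accents and dots placed above or below a letter
        out.append(CONFUSABLES.get(ch, ch))
    return "".join(out)

def scripts(domain):
    """Set of scripts (LATIN, CYRILLIC, ...) used by the letters of a domain."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in to_unicode(domain) if ch.isalpha()}

def check_domain(candidate, protected):
    """Return (verdict, matched_domain) for a candidate domain name."""
    shown = to_unicode(candidate)
    if shown in protected:
        return ("legitimate", shown)
    skel = skeleton(candidate)
    if skel in protected:
        return ("homoglyph-lookalike", skel)
    if len(scripts(candidate)) > 1:
        return ("mixed-script", None)
    return ("unrelated", None)

if __name__ == "__main__":
    # Constructed samples: Cyrillic "a", Latin "a" with dot below, plain ASCII.
    for d in ("ex\u0430mple.com", "ex\u1ea1mple.com", "example.com"):
        print(ascii(d), check_domain(d, {"example.com"}))
```

Run against URLs extracted from payment memos or inbound mail, a `homoglyph-lookalike` verdict is a strong signal to block; `mixed-script` alone deserves review rather than automatic rejection.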

According to Xrplorer, a new wave of phishing attacks emerged in May 2020. This time, it was not with payment memos, but with spam emails directed at people interested in XRP.

The total amount stolen
At the time of publication, fraudsters had stolen more than 2,100,000 XRPs (US$399,000) and laundered about 1,980,000 XRPs (US$376,200), mainly through exchange services such as ChangeNOW and CoinSwitch, according to the report.

Cointelegraph reported on April 29 that YouTube videos featuring Garlinghouse periodically appeared promoting a fake 50 million Cryptosoft airdrop. Ripple deemed the platform's response in removing such content too slow and filed a lawsuit against YouTube in April.